• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

RM 1.1 Allowing zip files a security risk?

Mr Lucky

Well-known member
#1
If I allow members to attach zip files for download, I get the feeling we could lay ourselves open to malware?

Is this correct?

If so is there any kind of safer alternative?

Thanks.
 

Brogan

XenForo moderator
Staff member
#2
The contents of a .zip file could be anything.

Users should always be wary of downloading or opening files they don't trust or can't verify the content of.
 

Mr Lucky

Well-known member
#3
Yes, that's what I thought. But if somebody did somehow up[load something malicious, e.g. a trusted member who suddenly became nasty, then would I, as forum owner, be responsible?

This kind of implies I/we are safest with a disclaimer on the resource download page.
 

MattW

Well-known member
#4
You could always put somthing on the server such as clamav with maldet and have it scan the directories where the files are uploaded.